Jump to content

All Browsers But Ie At Risk To New Spoofing Scheme


Recommended Posts

Posted

TechWeb News reports "All Browsers But IE At Risk To New Spoofing Scheme"

"A newly uncovered vulnerability in most browsers can allow hackers to spoof the URL displayed in the address bar and the SSL certificate, a security firm warned Monday. The one exception? Microssft's Internet Explorer. Danish security company Secunia posted an alert describing the vulnerability--which affects Mozilla, Firefox, Safari, Opera, and Konqueror--as a "moderately critical" problem.

The vulnerability impacts every browser that uses the open-source Gecko browser kernel--nearly all except IE--because of a flaw in handling International Domain Names (IDN). Hackers can register domain names with certain international characters that resemble other commonly used characters, said Secunia, to spoof the address and trick the user into thinking they're at a legitimate site and/or it's secured by SSL.

Such spoofing vulnerabilities are typically exploited by phishers who try to dupe users into divulging financial information at bogus Web sites that resemble real-life banking, credit card, or retail sites.

The vulnerability has been confirmed in the latest version of Firefox, v. 1.0, as well as in Mozilla 1.7.5, Opera 7.54u1, Opera 7.54u2, Safari 1.2.4, Konqueror 3.2.2, and Netscape 7.2. Other editions of these browsers, however, may also be at risk, said Secunia, which posted an online test on its Web site.

Currently, none of the vendors have provided fixes for the flaw."

full story:

Firefox has an extension "SpoofStick".

I used it since beta days. :o

Wonder

Posted

None of the browsers will be without vulnerabilities. Now that firefox and mozilla have risen in popularity it will be targeted more. And with the source available it probably will happen more often.

IE currently has more problems than the other ones. I think we will see many more of these warnings in the future, and who knows after a while maybe IE is the best..

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...